package com.futureweaver.controller;

import com.futureweaver.domain.Employee;
import com.futureweaver.domain.Register;
import com.futureweaver.service.RegisterService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.w3c.dom.stylesheets.LinkStyle;

import java.util.List;

@Controller
@RequestMapping("/register")
public class RegisterController {
    @Autowired
    private RegisterService service;

    @RequestMapping("/insert")
    @ResponseBody
    public boolean insert(@RequestBody Register register) {
        System.out.println("register insert");
        return service.insert(register);
    }

    @RequestMapping("/query")
    @ResponseBody
    @PreAuthorize("isAuthenticated()")
    public List<Register> query(@RequestBody Register vo) {
        // 如果不是超级管理员的话，需要把员工编号放到vo中
        // 以至于可以条件查询
        // 也就是说超级管理员不加这个条件，也就是无条件查询(员工编号的条件)

        // 当前登录的用户
        Employee emp = (Employee) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        if (!emp.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_ADMIN"))) {
            vo.setEmployeeId(emp.getId());
        }
        return service.query(vo);
    }
}
